package org.grow.loginto.security;

import com.querydsl.core.types.dsl.Expressions;
import com.querydsl.jpa.impl.JPAQueryFactory;
import org.grow.loginto.dao.RoleInfoDao;
import org.grow.loginto.entity.QPermission;
import org.grow.loginto.entity.QPermissionRole;
import org.grow.loginto.entity.QRoleInfo;
import org.grow.loginto.entity.RoleInfo;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.security.access.*;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Service;

import javax.servlet.http.HttpServletRequest;
import java.util.Collection;
import java.util.List;
import java.util.stream.Collectors;

/**
 * @Author: xwg
 * @CreateDate: 21-6-14
 */
@Service
public class Hot implements FilterInvocationSecurityMetadataSource  {
    @Autowired
    private JPAQueryFactory jpaQueryFactory;
    QPermission p = QPermission.permission;
    QPermissionRole pr  = QPermissionRole.permissionRole;
    QRoleInfo r = QRoleInfo.roleInfo;
    @Autowired
    private RoleInfoDao roleInfoDao;
    @Override
    public Collection<ConfigAttribute> getAttributes(Object o) throws IllegalArgumentException {
        FilterInvocation fi =(FilterInvocation)o;
        HttpServletRequest httpRequest = fi.getHttpRequest();
        String requestUrl = fi.getRequestUrl();
        System.out.println("meta-datasource:资源目标为: "+requestUrl);
        String method = httpRequest.getMethod();
//        new AntPathMatcher();
//        AntPathRequestMatcher antPathRequestMatcher = new AntPathRequestMatcher();
//        antPathRequestMatcher.matche

//        System.out.println();
//        String requestURI = httpRequest.getRequestURI();
        List<RoleInfo> fetch = jpaQueryFactory.select(r)
                .from(p)
                .leftJoin(pr).on(p.permissionId.eq(pr.permissionFk))
                .leftJoin(r).on(pr.roleFk.eq(r.roleId))
                .where(p.httpMethod.eq(HttpMethod.valueOf(method)))
                .where(Expressions.booleanTemplate("{0} like {1}",requestUrl,p.pathPattern))
//                .where(p.pathPattern.matches(requestUrl))
                .fetch();
        System.out.println("meta-datasource:目标资源的所属角色： "+fetch);
        List<ConfigAttribute> collect = fetch.stream().map(x ->
                new SecurityConfig(x.getRoleName())).collect(Collectors.toList());
//        if(CollectionUtils.isEmpty(collect)){
//
//            System.out.println("没有任何角色对应,赋值applier");
//            return Arrays.asList(new SecurityConfig("leaveApplier"));
//        }
        return collect;
    }

    @Override
    public Collection<ConfigAttribute> getAllConfigAttributes() {
       return roleInfoDao.findAll()
               .stream().map(x->new SecurityConfig(x.getRoleName()))
               .collect(Collectors.toList());

    }


    @Override
    public boolean supports(Class<?> aClass) {
        return true;
    }

}
